Cybercrimes, especially financial frauds are increasing rapidly. It is time banks should shed the hypocrisy of always being defensive and take an objective view of breaches to data

The Hyderabad City Police commissioner in a press conference recently revealed that the city police registered 21,035 cyber-crime cases in 2014 as against 19,011 in 2013 and 18,744 in 2012. The rise is attributed to the large-scale use of technology and mobile phones.

Social media contributed significantly with the uploading of fake woman profiles, online payment frauds, blackmailing, hacking, skimming, identity theft and data theft etc. The police are trying to use technology again to track and trace the criminals. Global trends are no different although it cannot be a solace.

Preventive measures should also include, keeping personal data private, opt-in-two-factor authentication wherever it is offered, and saying ‘no’ to Social Security Number (SSN) authentication. Detection measures required that consumers should work in partnership with institutions on identity theft prevention. Aadhaar is moving into the social security number status and that worried me.

Resolution involves taking any data breach seriously and to report the problems immediately. Banks should also shed the hypocrisy of always holding defense to whatever they did and take an objective view of breaches to data. Regulatory oversight is also highly critical. The mute question is; does the regulator view these global developments in coordination with the cyber investigation teams of Government of India? If data and files in physical form were stolen, and computer data in defense department also had no exception are banks in India away from them? Public should be made aware of the precautions in a more penetrative manner.

According to Internetlivstats, 2014 of the UN Population Division, around 40% of the population in the world today has internet facility compared to just 1% in 1995. The number of internet users has increased tenfold from 1999 to 2013. The first billion was reached in 2005: the second billion in 2010, the third billion in 2014. In 2014, nearly 75% (2.1 billion) of all internet users in the world (2.8 billion) live in the top 20 countries. The remaining 25% (0.7 billion) is distributed among the other 178 countries, each representing less than 1% of total users. With 17.5% of share of world’s population, India has internet penetration of near 20% compared to 46% in China and 86% in the US with their share in world’s population at 19.19% and 4.45% respectively. This would mean that the impact of any cyber attack would be felt more in India and China than the rest of the world though the volume of resources affected could be large in the countries like the US, Germany, Japan and the USSR in the immediate future.

Javelin’s “2014 Identity Fraud Report” provides a comprehensive analysis of fraud trends in the context of a changing technological and regulatory environment in order to inform consumers, financial institutions and businesses on the most effective means of fraud prevention, detection and resolution. Although the Survey covers only the US, the findings are of consequence to Europe and Asia and in particular India where population using internet and mobile technologies for finance are exponentially increasing.

In 2013, 13.1 million consumers suffered identity fraud – the second highest level on record. Existing card fraud (ECF) became increasingly popular with criminals, contributing to the near record number of identity fraud victims. Password habits, mobile device usage, and social networking on identity fraud reflect the highest incidences with data collection on a longitudinal updates from 2005 to 2013.

Identity frauds were found to be on the increase (Nancy Ozawa, 2014) and these frauds occurred mostly on the transactions through eBay, PayPal and Amazon with the stolen information to make purchases, which are more than just credit card fraud.

“Identity fraud is defined as the unauthorized use of another person’s personal information to achieve illicit financial gain. Identity fraud can range from simply using a stolen payment card account, to making a fraudulent purchase, to taking control of existing accounts or opening new accounts, including mobile phone or utility services.” The study, ‘Javelin Strategy & Research, Pleasanton, a department of Greenwich Associates CA, USA, February 2014’ found that the number of identity fraud incidents increased by 500,000 consumers over the year 2012 while the dollar amount stolen decreased to $18 billion indicating more alertness on the part of the financial institutions. Account takeover frauds accounted for 28% of all identity fraud. Data breaches are noticed to be the biggest risk factor here.

American Bankers’ Association (ABA) in a recent report quoted Kaspersky Lab, a computer security firm mentioning that a hacker group has stolen as much as $1 billion from banks and other financial companies worldwide since 2013 in an "unprecedented cyber-robbery." The gang targeted as many as 100 banks, e-payment systems, cash dispensers like the ATMs and other financial institutions in 30 countries including the US, China and European nations, stealing as much as $10 million in each raid. The criminals detected by Kaspersky infected bank employees' computers with Carbanak malware, which then spread to internal networks and enabled video surveillance of staff. That let fraudsters mimic employee activity to transfer and steal money, according to Kaspersky, which said it has been working with Interpol, Europol and other authorities to uncover the plot.

While many American banks quickly denied the impact on their institutions, even spokesperson for the US Federal Bureau of Investigation in Washington, Paul Bresson, declined to comment on the revelations in the Report. Dough Johnson, senior Vice President of payments and cyber security policy at the ABA said that he has high degree of confidence that the US Banks are not somehow denying the Report.

Indian banks must take the cautionary advice of American Banking Association seriously because of the increasing penetration of internet banking through different instruments and routes on one side and penetration with Aadhaar ID for the more vulnerable groups in the Jan Dhan products.

(Dr Yerram Raju Behara is a former senior executive of SBI and former Dean of Studies at Administrative Staff College of India (ASCI). He is a visiting Professor at Institute of Small Enterprise Development, Kochi and Advisor, KESDEE Inc, the E-Learning Centre at San Diego. The views expressed in the article are his personal.)

User

The Subrata Roy-led Sahara group is facing a liquidity crunch for past one year due to embargo and double payment for investor refund, resulting into many problems like meeting employee salary, statutory and other operating obligations

Sahara Group's long-drawn dispute with market regulator Securities and Exchange Board of India (SEBI) over investor repayments has started to take its toll on salaries of the group's employees, which are getting delayed amid a major liquidity crunch.

The salary delays are mainly being faced by the staff members in the corporate offices of the crisis-hit group, while there are also delays on certain statutory payments and operating obligations or expenses related to day-to-day business due to difficulty in fund flows.

When contacted, a Sahara spokesperson confirmed the delays in salary and other payments, while adding that the junior staff members are being given priority for the payments.

"We are working to diffuse this crisis, which has also created grave difficulties for our employees. Sahara India is one big Pariwar (family) and all the employees are its members, who are standing together in these difficult times. "With our dedicated employees and the strong fundamentals of the group, we are hopeful that we will soon come out of this crisis," the spokesperson had said.

The group has over 10 lakh full-time and part-time employees, including permanent staff at its various companies, permanent agents who get regular incentive payments besides a large number of part-time agents.

While the exact number of persons whose salaries and other payments have been delayed could not be ascertained, sources said their numbers could run into "tens of thousands".

"The group is facing a liquidity crunch for past one year due to embargo and double payment (for investor refund), resulting into many problems like meeting the salary, statutory and other operating obligations/ expenses in doing business," the spokesperson said.

"We are however releasing the salaries time to time based on the fund flow on a continuous basis. The delayed salaries of junior staff were released just a few days back as extra care has been taken for our junior staff. Soon salaries of other brackets will be released," he added.

"In some business divisions, salaries of our employees have got delayed by many months. However, situation is better at those divisions, which have their own fund-flow like the Group's luxury hotel Sahara Star in Mumbai, resort town Aamby Valley City and the 500-bed tertiary care Sahara Hospital in Lucknow.

Replying to queries on salary delays, the group spokesperson said, "For the past 14 months, Sahara India group's all kinds of assets and bank accounts are under embargo of Supreme Court and there is an extra burden of demand of double payment against single liability in Sahara-SEBI case."

Sahara is trying to raise necessary funds to secure release of its chief Subrata Roy, and two other officials, from Tihar Jail where they have been lodged for almost a year in connection with the investor repayment case.

The group was asked by the Supreme Court in August 2011 to deposit over Rs24,000 crore with SEBI for refund to investors. Sahara, which has deposited some instalments since then with the market regulator, maintains that it has already refunded over 95% of investors directly.

Whenever RBI announces an increase in its monetary policy rates, housing loan-providers, such as banks and finance companies, are quick to hike interest rates. However, the same efficiency is never shown by these lenders, when there is a rate cut by RBI.

It may sound unethical to borrowers, but lenders like to earn more and make more profit. The question, however, is: Why do regulators turn a blind eye to this unethical practice of lenders?

First, we need to understand that there are two types of lenders who provide home loans. One, banks that are regulated by RBI and finance companies, like HDFC and LIC Housing Finance, are governed by National Housing Bank (NHB). Banks and housing finance companies offer two types of interest rates on home loans, fixed and floating.

For a fixed rate loan, the interest rate is fixed either for the entire tenure of the loan or a certain part of the tenure. If it is fixed for certain part of the loan tenure, the borrower needs to read and understand the reset clause.

Floating rate loan changes with changes in market interest rates. When the market rate goes up, the equated monthly instalments (EMIs) also increase, and vice versa. However, borrowers often find that, despite the fall in market rates, their EMI has remained static.

The floating interest rate is made up of two parts, the index and the spread. The index is a measure of interest rates generally (based on, say, government securities’ prices or benchmark prime lending rates (BPLR). The spread is an extra amount that the lender adds to cover credit risk and profit mark-up. The amount of the spread may differ from one lender to another, but it is usually constant over the tenure of the loan. If the index rate moves up, so does the interest rate, in most circumstances, and the borrower will have to pay a higher EMI. Conversely, if the interest rate moves down, the EMI amount should be lower. Often, despite a rate hike, lenders keep the EMI constant, but increase the repayment period. But the borrower needs to check this with the individual lender.

In January 2015, RBI, for the first time since May 2013, reduced the repo rate by 25 basis points to 7.75%. The central bank had kept the benchmark interest rate at 8% since January 2014. However, despite huge expectations from borrowers, there was hardly any change in interest charged by lenders.

This happens because RBI has given banks freedom to set their interest rates. RBI, in its master circular issued on 1 July 2014, has said, “Banks may, with the approval of their Boards, determine the rate of interest, keeping in view the size of accommodation, degree of risk and other relevant considerations.”

Recently, RBI has allowed banks to relook at their base rate computation formula after three years instead of five years. The last time banks decided on the base rate formula was in 2010 and the asset liability committee (ALCO) of each bank is expected to take a call on this.

However, bankers still cite the higher average cost of funds, or incremental cost of funds, for not reducing the home loan interest rates, despite RBI reduction. When there is a rate cut in monetary policy, lenders first reduce their interest rates on deposits and, only when their average cost of funding comes down, they reduce their base rate. Another reason for lenders not reducing their base rate is that such action affects a major chunk of their loan portfolio and, thus, their balance sheet (read profit). Most banks use the average cost of funds for the previous quarter, to decide their benchmark rates.